CodeGuide-dev · RafiulM · Aug 26, 2025 · Aug 26, 2025 · Aug 26, 2025
diff --git a/CLAUDE.md b/CLAUDE.md
@@ -0,0 +1,64 @@
+# Claude Code Task Management Guide
+
+## Documentation Available
+
+📚 **Project Documentation**: Check the documentation files in this directory for project-specific setup instructions and guides.
+**Project Tasks**: Check the tasks directory in documentation/tasks for the list of tasks to be completed. Use the CLI commands below to interact with them.
+
+## MANDATORY Task Management Workflow
+
+🚨 **YOU MUST FOLLOW THIS EXACT WORKFLOW - NO EXCEPTIONS** 🚨
+
+### **STEP 1: DISCOVER TASKS (MANDATORY)**
+You MUST start by running this command to see all available tasks:
+```bash
+task-manager list-tasks
+```
+
+### **STEP 2: START EACH TASK (MANDATORY)**
+Before working on any task, you MUST mark it as started:
+```bash
+task-manager start-task <task_id>
+```
+
+### **STEP 3: COMPLETE OR CANCEL EACH TASK (MANDATORY)**
+After finishing implementation, you MUST mark the task as completed, or cancel if you cannot complete it:
+```bash
+task-manager complete-task <task_id> "Brief description of what was implemented"
+# or
+task-manager cancel-task <task_id> "Reason for cancellation"
+```
+
+## Task Files Location
+
+📁 **Task Data**: Your tasks are organized in the `documentation/tasks/` directory:
+- Task JSON files contain complete task information
+- Use ONLY the `task-manager` commands listed above
+- Follow the mandatory workflow sequence for each task
+
+## MANDATORY Task Workflow Sequence
+
+🔄 **For EACH individual task, you MUST follow this sequence:**
+
+1. 📋 **DISCOVER**: `task-manager list-tasks` (first time only)
+2. 🚀 **START**: `task-manager start-task <task_id>` (mark as in progress)
+3. 💻 **IMPLEMENT**: Do the actual coding/implementation work
+4. ✅ **COMPLETE**: `task-manager complete-task <task_id> "What was done"` (or cancel with `task-manager cancel-task <task_id> "Reason"`)
+5. 🔁 **REPEAT**: Go to next task (start from step 2)
+
+## Task Status Options
+
+- `pending` - Ready to work on
+- `in_progress` - Currently being worked on  
+- `completed` - Successfully finished
+- `blocked` - Cannot proceed (waiting for dependencies)
+- `cancelled` - No longer needed
+
+## CRITICAL WORKFLOW RULES
+
+❌ **NEVER skip** the `task-manager start-task` command
+❌ **NEVER skip** the `task-manager complete-task` command  (use `task-manager cancel-task` if a task is not planned, not required, or you must stop it)
+❌ **NEVER work on multiple tasks simultaneously**
+✅ **ALWAYS complete one task fully before starting the next**
+✅ **ALWAYS provide completion details in the complete command**
+✅ **ALWAYS follow the exact 3-step sequence: list → start → complete (or cancel if not required)**
diff --git a/app/api/finance/assets/[id]/route.ts b/app/api/finance/assets/[id]/route.ts
@@ -0,0 +1,113 @@
+import { NextRequest } from 'next/server';
+import { db, finance } from '@/db';
+import { getAuthenticatedUser, createErrorResponse, createSuccessResponse } from '@/lib/auth-utils';
+import { updateAssetSchema } from '@/lib/validations/finance';
+import { eq, and } from 'drizzle-orm';
+
+export async function GET(
+    request: NextRequest,
+    { params }: { params: Promise<{ id: string }> }
+) {
+    try {
+        const { id } = await params;
+        const user = await getAuthenticatedUser();
+        if (!user) {
+            return createErrorResponse('Unauthorized', 401);
+        }
+
+        const asset = await db
+            .select()
+            .from(finance.assets)
+            .where(and(
+                eq(finance.assets.id, id),
+                eq(finance.assets.userId, user.id)
+            ))
+            .limit(1);
+
+        if (asset.length === 0) {
+            return createErrorResponse('Asset not found', 404);
+        }
+
+        return createSuccessResponse(asset[0]);
+    } catch (error) {
+        console.error('Error fetching asset:', error);
+        return createErrorResponse('Internal server error', 500);
+    }
+}
+
+export async function PUT(
+    request: NextRequest,
+    { params }: { params: Promise<{ id: string }> }
+) {
+    try {
+        const { id } = await params;
+        const user = await getAuthenticatedUser();
+        if (!user) {
+            return createErrorResponse('Unauthorized', 401);
+        }
+
+        const body = await request.json();
+        const validationResult = updateAssetSchema.safeParse(body);
+
+        if (!validationResult.success) {
+            return createErrorResponse(
+                validationResult.error.issues.map(e => e.message).join(', '),
+                400
+            );
+        }
+
+        const updateData = { ...validationResult.data, updatedAt: new Date() };
+
+        if (updateData.purchaseDate) {
+            updateData.purchaseDate = new Date(updateData.purchaseDate);
+        }
+
+        const updatedAsset = await db
+            .update(finance.assets)
+            .set(updateData)
+            .where(and(
+                eq(finance.assets.id, id),
+                eq(finance.assets.userId, user.id)
+            ))
+            .returning();
+
+        if (updatedAsset.length === 0) {
+            return createErrorResponse('Asset not found', 404);
+        }
+
+        return createSuccessResponse(updatedAsset[0]);
+    } catch (error) {
+        console.error('Error updating asset:', error);
+        return createErrorResponse('Internal server error', 500);
+    }
+}
+
+export async function DELETE(
+    request: NextRequest,
+    { params }: { params: Promise<{ id: string }> }
+) {
+    try {
+        const { id } = await params;
+        const user = await getAuthenticatedUser();
+        if (!user) {
+            return createErrorResponse('Unauthorized', 401);
+        }
+
+        const deletedAsset = await db
+            .delete(finance.assets)
+            .where(and(
+                eq(finance.assets.id, id),
+                eq(finance.assets.userId, user.id)
+            ))
+            .returning();
+
+        if (deletedAsset.length === 0) {
+            return createErrorResponse('Asset not found', 404);
+        }
+
+        return createSuccessResponse({ message: 'Asset deleted successfully' });
+    } catch (error) {
+        console.error('Error deleting asset:', error);
+        return createErrorResponse('Internal server error', 500);
+    }
+}
diff --git a/app/api/finance/assets/route.ts b/app/api/finance/assets/route.ts
@@ -0,0 +1,65 @@
+import { NextRequest } from 'next/server';
+import { db, finance } from '@/db';
+import { getAuthenticatedUser, createErrorResponse, createSuccessResponse } from '@/lib/auth-utils';
+import { createAssetSchema } from '@/lib/validations/finance';
+import { eq } from 'drizzle-orm';
+
+export async function GET() {
+    try {
+        const user = await getAuthenticatedUser();
+        if (!user) {
+            return createErrorResponse('Unauthorized', 401);
+        }
+
+        const assets = await db
+            .select()
+            .from(finance.assets)
+            .where(eq(finance.assets.userId, user.id));
+
+        return createSuccessResponse(assets);
+    } catch (error) {
+        console.error('Error fetching assets:', error);
+        return createErrorResponse('Internal server error', 500);
+    }
+}
+
+export async function POST(request: NextRequest) {
+    try {
+        const user = await getAuthenticatedUser();
+        if (!user) {
+            return createErrorResponse('Unauthorized', 401);
+        }
+
+        const body = await request.json();
+        const validationResult = createAssetSchema.safeParse(body);
+
+        if (!validationResult.success) {
+            return createErrorResponse(
+                validationResult.error.issues.map(e => e.message).join(', '),
+                400
+            );
+        }
+
+        const { name, type, value, description, purchaseDate } = validationResult.data;
+
+        const newAsset = await db
+            .insert(finance.assets)
+            .values({
+                id: crypto.randomUUID(),
+                userId: user.id,
+                name,
+                type,
+                value,
+                description,
+                purchaseDate: purchaseDate ? new Date(purchaseDate) : null,
+                createdAt: new Date(),
+                updatedAt: new Date(),
+            })
+            .returning();
+
+        return createSuccessResponse(newAsset[0], 201);
+    } catch (error) {
+        console.error('Error creating asset:', error);
+        return createErrorResponse('Internal server error', 500);
+    }
+}
diff --git a/app/api/finance/expenses/[id]/route.ts b/app/api/finance/expenses/[id]/route.ts
@@ -0,0 +1,113 @@
+import { NextRequest } from 'next/server';
+import { db, finance } from '@/db';
+import { getAuthenticatedUser, createErrorResponse, createSuccessResponse } from '@/lib/auth-utils';
+import { updateExpenseSchema } from '@/lib/validations/finance';
+import { eq, and } from 'drizzle-orm';
+
+export async function GET(
+    request: NextRequest,
+    { params }: { params: Promise<{ id: string }> }
+) {
+    try {
+        const { id } = await params;
+        const user = await getAuthenticatedUser();
+        if (!user) {
+            return createErrorResponse('Unauthorized', 401);
+        }
+
+        const expense = await db
+            .select()
+            .from(finance.expenses)
+            .where(and(
+                eq(finance.expenses.id, id),
+                eq(finance.expenses.userId, user.id)
+            ))
+            .limit(1);
+
+        if (expense.length === 0) {
+            return createErrorResponse('Expense not found', 404);
+        }
+
+        return createSuccessResponse(expense[0]);
+    } catch (error) {
+        console.error('Error fetching expense:', error);
+        return createErrorResponse('Internal server error', 500);
+    }
+}
+
+export async function PUT(
+    request: NextRequest,
+    { params }: { params: Promise<{ id: string }> }
+) {
+    try {
+        const { id } = await params;
+        const user = await getAuthenticatedUser();
+        if (!user) {
+            return createErrorResponse('Unauthorized', 401);
+        }
+
+        const body = await request.json();
+        const validationResult = updateExpenseSchema.safeParse(body);
+
+        if (!validationResult.success) {
+            return createErrorResponse(
+                validationResult.error.issues.map(e => e.message).join(', '),
+                400
+            );
+        }
+
+        const updateData = { ...validationResult.data, updatedAt: new Date() };
+
+        if (updateData.date) {
+            updateData.date = new Date(updateData.date);
+        }
+
+        const updatedExpense = await db
+            .update(finance.expenses)
+            .set(updateData)
+            .where(and(
+                eq(finance.expenses.id, id),
+                eq(finance.expenses.userId, user.id)
+            ))
+            .returning();
+
+        if (updatedExpense.length === 0) {
+            return createErrorResponse('Expense not found', 404);
+        }
+
+        return createSuccessResponse(updatedExpense[0]);
+    } catch (error) {
+        console.error('Error updating expense:', error);
+        return createErrorResponse('Internal server error', 500);
+    }
+}
+
+export async function DELETE(
+    request: NextRequest,
+    { params }: { params: Promise<{ id: string }> }
+) {
+    try {
+        const { id } = await params;
+        const user = await getAuthenticatedUser();
+        if (!user) {
+            return createErrorResponse('Unauthorized', 401);
+        }
+
+        const deletedExpense = await db
+            .delete(finance.expenses)
+            .where(and(
+                eq(finance.expenses.id, id),
+                eq(finance.expenses.userId, user.id)
+            ))
+            .returning();
+
+        if (deletedExpense.length === 0) {
+            return createErrorResponse('Expense not found', 404);
+        }
+
+        return createSuccessResponse({ message: 'Expense deleted successfully' });
+    } catch (error) {
+        console.error('Error deleting expense:', error);
+        return createErrorResponse('Internal server error', 500);
+    }
+}